Amendments to the Drawings

The attached sheets of drawings include changes to FIG. 4, as represented by an 
annotated sheet and a replacement sheet. The annotated sheet shows the amendments made to 
FIG. 4 in red, including the addition of reference numeral "50" and the replacement of one of the 
reference numerals "24" with the reference numeral "25". The replacement sheet replaces the 
original sheet that included FIG. 4. 

Remarks/Arguments 

This Amendment and Response is considered fully responsive to the Office action mailed 
February 28, 2007. Claims 1- 77 are pending in the application. Claims 1-77 stand rejected. 
Claims 29-56 and 68-72 have been amended herein. No claims have been canceled. No new 
claims have been added. Reexamination and reconsideration are respectfully requested. 

Telephonic Examiner Interview 

The Undersigned thanks the Examiner for her time on July 10, 2007, during which we 
discussed the drawings objections and the Section 102 rejection of claims 1, 29, and 57 in light 
of U.S. Patent No. 7,051,322 to Rioux. During the interview, we also discussed how U.S. Patent 
Publication No. 2005/0010806 to Berg et al. ("Berg") may or may not be applied to claims 1, 29, 
and 57. The Undersigned indicated that a detailed review of Berg would be required to consider 
that point. The Undersigned and the Examiner agreed that the Applicants would file a response 
with appropriate arguments informed by the interview discussion. 

Claim Objections 

The Office has objected to claim 51 as exceeding one sentence. Claim 51 has been 
amended to remove the extraneous sentence, which was a comment inadvertently left in the 
application as filed. Said amendment does not narrow the scope of the coverage recited in 
claim 51. Withdrawal of the objection to claim 51 is requested. 

Drawings 

The Office has objected to the drawings as purportedly failing to comply with 37 C.F.R. 
§1.84(p)(5) for the following reasons: 

FIG. 1, #108 is not mentioned in the Specification; 
FIG. 2, #220 is not mentioned in the Specification; 
FIG. 4, #25 & #50 are not shown in the drawing. 

With regard to FIG. 1, the Applicants point to page 7, line 25 of the filed Specification as 
mentioning a controlled interface 108. As such, the Applicants request withdrawal of the 
objection to FIG. 1. 

With regard to FIG. 2, the Applicants have amended the paragraph on page 16, lines 11-
21 to reference the graphical user interface tool 220. As such, the Applicants believe the 
objection of FIG. 2 has been overcome. 

With regard to FIG. 4, the Applicants have amended the FIG. 4 to include reference 
numerals 25 (replacing one of the reference numerals 24) and 50. Accordingly, the Applicants 
submit herewith an annotated sheet showing the amendments to FIG. 4 and a replacement sheet 
for FIG. 4. As such, the Applicants believe the objection of FIG. 4 has been overcome. 

Rejections Under 35 U.S.C. §101 

Claims 29-56 and 68-72 stand rejected under 35 U.S.C. §101 because the claimed 
invention is purportedly directed to non-statutory subject matter. Without acquiescing to the 
Office's position that a computer program product embodied in a carrier wave does not 
constitute statutory subject matter, the Applicants have amended claims 29-56 and 68-72 to 
recite a "computer program storage medium". As such, withdrawal of the rejection of claims 29- 
56 and 68-72 under 35 U.S.C. §101 is respectfully requested. 

Rejections Under 35 U.S.C. §112 

Claim 51 stands rejected under 35 U.S.C. §112, second paragraph, as being purportedly 
indefinite for failing to particularly point out and distinctly claim the subject matter which the 
Applicants regard as the invention. As discussed with regard to the claim objection of claim 51, 
claim 51 has been amended to remove the extraneous sentence, which was a comment 
inadvertently left in the application as filed. Said amendment does not narrow the scope of the 
coverage recited in claim 51. Withdrawal of the rejection of claim 51 under 35 U.S.C. §112, 
second paragraph, is requested. 

Rejections Under 35 U.S.C. §102 

Claims 1-4, 27-32, and 55-58 are rejected under 35 U.S.C. § 102(e) as being purportedly 
anticipated by U.S. Patent No. 7,051,322 to Rioux. The rejection is respectfully traversed. 

Attorney Docket No. MS306001.01 

Rioux discloses a software analysis framework that includes a nanocode decompiler to 
provide a complete model of the executable code at the nanocode level. Rioux, Abstract; col. 2, 
lines 25-31. Exemplary operations include parsing the executable code, and identifying and 
recursively modeling the data flow and the control flow in the executable code. Id. Input to the 
nanocode decompiler includes executable code 301, library signature tables 310C derived from 
system libraries 310A, resource file and headers 355, headers and symbol information 360B 
derived from system header files 360A, and potentially linker definition information 377. Rioux, 
col. 11, line 47 - col. 13, line 49; FIGs. 2A and 2B. The output of the nanocode decompiler is a 
human-readable intermediate representation 370 (IR), source code and headers 380, and 
supporting files 385 as well as reports that can be used by a human to detect security 
vulnerabilities and other general quality issues in the code. Rioux, col. 2, line 63 to col. 3, 
line 12. "Control flow" and "data flow" are defined in at least col. 1, lines 40-61 of Rioux. The 
"security vulnerabilities" mentioned in Rioux appear to be directed to improperly constructed 
code representing flaws or conditions, including security holes such as buffer structure flaws 
exploitable via "buffer overflow" attacks and other known and unknown risk factors. Rioux, 
col. 11, lines 3-10. Importantly, Rioux makes no mention of runtime security policies or 
permissions. 

Claims 1 and 29 recite in part "receiving into an execution environment input component 
code and a runtime security policy". Claim 57 recites in part "a call graph generator receiving 
into an execution environment input component code and a runtime security policy". The 
Applicants assert that the term "runtime security policy" is a term known in the art and is 
described consistently within the disclosure of the present application. For example, a relevant 
discussion of permissions and runtime security policies spans page 6, line 6 to page 12, line 16. 
Permissions are attached to identified code components and the operations that are available to 
the code are limited by these permissions. Page 6, lines 11-14. 

The rights attached to every piece of code are made explicitly (e.g., 
according to the origin of the code and evidence attached to that code). This 
assignment of rights to code and various security checks performed as the code is 
loaded are referred to as the "runtime security policy". 

Page 6, line 16-20. Furthermore, according to one implementation, the "runtime security 
policy 204 represents a hypothesis of the static permission attributed to an unknown program 
(e.g., an applet) that may be executed within the test configuration using the provided component 
code 202." Page 13, lines 1-4. 

The Applicants respectfully submit that Rioux fails to disclose or suggest receiving a 
runtime security policy. In fact, Rioux makes no mention of runtime security policies or 
permissions. The security vulnerabilities or holes disclosed by Rioux are not disclosed as being 
related to permissions or a runtime security policy but instead appear to be related to improper 
code constructions, such as buffer structure flaws exploitable via "buffer overflow" attacks. 
Accordingly, Rioux fails to anticipate the invention of claims 1, 29, and 57. Allowance of claims 
1, 29, and 57 is therefore requested. 

As a second matter, claims 1 and 29 recite "generating a call graph of call paths through 
the input component code simulated in combination with at least one symbolic component 
representing additional arbitrary code that complies with the runtime security policy", and 
claim 57 recites "a call graph generator . . . generating a call graph of call paths through the input 
component code simulated in combination with at least one symbolic component representing 
additional arbitrary code that complies with the runtime security policy." In accordance with the 
Applicants-asserted absence of disclosure of a "runtime security policy" in Rioux, the Applicants 
submit that Rioux fails to disclose this generating operation. The Applicants point out that the 
symbolic representations of Rioux are disclosed as representing only environment calls, 
procedures and the code graph and are not disclosed or suggested as representing runtime 
security policy-compliant arbitrary code. Therefore, at the very least, Rioux fails to disclose "at 
least one symbolic component representing additional arbitrary code that complies with the 
runtime security policy". Moreover, Rioux fails to disclose the simulation "in combination" 
recited in claims 1, 29, and 57. Accordingly, Rioux fails to anticipate the invention of claims 1, 
29, and 57. 

During the telephonic examiner interview of July 10, 2007, the Undersigned pointed out 
the lack of disclosure of a "runtime security policy" in Rioux. The Examiner then suggested that 
another reference, U.S. Patent Publication No. 2005/0010806 to Berg et al. ("Berg"), may 
disclose a "runtime security policy" at paragraphs [0279]-[0287]. Upon review of Berg, the 
Applicants submit that Berg merely discloses a search of an intermediate representation (IR) of 
source code in an attempt to locate a coding error in which a Windows API call that sets security 
attributes undesirably sets a resource's access control list (ACL) to "null". Berg, [0286]. 

Without acquiescing to the Examiner's suggestion that the Windows API call might 
represent a runtime security policy, the Applicants submit that Berg fails to disclose or suggest 
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"call paths through the input component code simulated in combination with at least one 
symbolic component representing additional arbitrary code that complies with the runtime 
security policy." Instead, Berg merely discloses searching through the IR for a relevant API call 
in the source code and testing a particular argument or group of arguments for an incorrect or 
insecure argument. No disclosure or suggestion is made in Berg of "a symbolic component 
representing arbitrary code that complies with the runtime security policy" or "call 
paths. . .simulated in combination" therewith. Accordingly, Berg fails to disclose at least two of 
the claimed features that are absent from Rioux. 

For at least the foregoing reasons, the Applicants request withdrawal of the rejections and 
allowance of claims 1, 29, and 57. 

Claims 2-4 and 27-28, claims 30-32 and 55-56, and claim 58 depend from independent 
claims 1, 29, and 57, respectively, which are believed to be allowable. Accordingly, claims 2-4, 
27-28, 30-32, 55-56, and 58 are believed to be allowable for at least the same reasons as their 
respective base claims. Therefore, the Applicants request withdrawal of the rejections and 
allowance of claims 2-4, 27-28, 30-32, 55-56, and 58. 

Rejections Under 35 U.S.C. §103(a) 

Claims 5-26, 33-54 and 59-77 stand rejected under 35 U.S.C. § 103(a) as being 
purportedly unpatentable over Rioux in view of Berg. The Applicants respectfully traverse the 
rejections. 

Claims 5-26, claims 33-54 and claims 59-62 depend from independent claims 1, 29, 
and 57, respectively, which are believed to be allowable. Accordingly, claims 5-26, 33-54 
and 59-62 are believed to be allowable for at least the same reasons as their respective base 
claims. Therefore, the Applicants request withdrawal of the rejections and allowance of claims 
5-26, 33-54 and 59-62. 

The Applicants note that claim 59 is specifically rejected twice, once on page 15 of the 
Office action and again on page 18 of the Office action. The language of the specific rejection 
on page 15 does not appear to match the claim language of claim 59, whereas the language of the 
specific rejection on page 18 does appear to match the claim language of claim 59. The 
Applicants interpret the specific rejection of claim 59 on page 15 to be an error and request 
clarification from the Examiner if this is not the case. 

Claims 63, 68, and 73 recite "a call graph of call paths through input component code 
simulated in combination with at least one symbolic component representing additional arbitrary 
code that complies with a runtime security policy." For at least the reasons given with regard to 
the similar clause in claims 1, 29, and 57, Rioux and Berg fail to disclose or suggest this feature, 
either singly or in combination. Furthermore, neither Rioux nor Berg discloses or suggests 
identifying a subset of said simulated call paths (in a call graph) that satisfy a query. 
Accordingly, Rioux and Berg fail to make obvious the invention of claims 63, 68, and 73. 
Therefore, the Applicants request withdrawal of the rejections and allowance of claims 63, 68, 
and 73. 

Claims 64-67, claims 69-72, and claims 74-77 depend from independent claims 63, 68, 
and 73, respectively, which are believed to be allowable. Accordingly, claims 64-67, 69-72, and 
74-77 are believed to be allowable for at least the same reasons as their respective base claims. 
Therefore, the Applicants request withdrawal of the rejections and allowance of claims 64-67, 
69-72, and 74-77. 

Conclusion 

The Applicants have fully responded to each and every objection and rejection in the 
Office action dated February 28, 2007 and believe that claims 1-77 are in a condition for 
allowance. Therefore, the Applicants respectfully request that a timely Notice of Allowance be 
issued in this case. 

This Amendment and Response to Office Action is submitted with a petition and fee for a 
three-month extension. The Applicants believe no other fees or petitions are due with this filing. 
However, should any such fees or petitions be required, please consider this a request therefor 
and authorization to charge Deposit Account No. 50-0463 as necessary. 

If the Office believes any issues could be resolved via a telephone interview, the Office is 
invited to contact the Undersigned at the telephone number listed below. 



Date: August 23, 2007 Respectfully submitted, 



/Richard J. Holzer, Jr./ 

Richard J. Holzer, Jr., Reg. No. 42,668 
Attorney for Applicants 
USPTO Customer No. 69316 

HENSLEY KIM & HOLZER, LLC 
1660 Lincoln Street, Suite 3000 
Denver, Colorado 80264 
Tel: 720-377-0770 
Fax: 720-377-0777 